diff --git a/main/docs/get-started/auth0-overview/create-applications/register-applications-with-cimd.mdx b/main/docs/get-started/auth0-overview/create-applications/register-applications-with-cimd.mdx index e4ce5fbac9..201b0b1514 100644 --- a/main/docs/get-started/auth0-overview/create-applications/register-applications-with-cimd.mdx +++ b/main/docs/get-started/auth0-overview/create-applications/register-applications-with-cimd.mdx @@ -10,6 +10,10 @@ When you import an application from its CIMD URL, Auth0 fetches, validates, and You can only register [third-party applications](/docs/get-started/applications/third-party-applications) using manual CIMD, which are subject to [enhanced security controls](/docs/get-started/applications/third-party-applications/security-controls). Once registered, [set up your CIMD client](#set-up-cimd-client) as a third-party application in Auth0. + +CIMD clients always register with `third_party_security_mode: "strict"`, regardless of your tenant's **Create Permissive Third-Party Clients by Default** setting. Permissive mode is not available for CIMD clients. Strict third-party applications [do not support Rules](/docs/get-started/applications/third-party-applications/security-controls#features-not-supported), and login flows for CIMD clients fail if your tenant has active Rules. If you use Rules, [migrate to Actions](/docs/customize/actions/migrate/migrate-from-rules-to-actions) before registering CIMD clients. + + ## Key benefits Manual CIMD registration has the following benefits: